diff --git a/files/mirrorlist/mm-authorized_key b/files/mirrorlist/mm-authorized_key new file mode 100644 index 0000000000..bef6a5561a --- /dev/null +++ b/files/mirrorlist/mm-authorized_key @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA1+Mq0V8RPuCZrjsSz2y56tVR+hykwoYSodhs6ivqkuf16PHo1Aq2PR+I7xnxnJ/fqF20UEV4bmRFs9k4y/QnMOwi90O32vC3WZmfLfoY9S9dzUYXXOYy0lQZPMjmB+yOYZhhGIu2HTc4/CHKjVpCUZKHXwgkouEwsAEHQI86TrepvPwt5GrmAeZjcRp8T3maaFlRf8UFgcajF9ztgiEnBpWBEKaemtUtQ/g9cr/SwNMT3GK+M4qMVaXkuTCeiKwqxueZmTgn76aQ11sfoWYi1lVCyYt02iMDoBLaLERbwBLt3WpY/l3tQaZiPVoRPDH2EQb6v/XISsXNsqGtnc8APfhkVniURNwW/Qz8eXhpnd7GlU90iWPExvGo/Eaj2cNemgiNZH7/U7OKe3/7Li+IpPDhLCfJ8ue7Nqn+2uqhEWvzZXvamzcvEg89PBbgrdHDvJqVLnfsMDuDEo93KZ2pCfTGmjbYjbV3nnArhimLjkkb2E86489F09p65e4AoZw3HFgeW8yA3ecXtXd9FmYYkL0urT1AZFuJ/9B364h4gOqUt0oO7aW0vqhS1hW+7brIJ2DzM/vn90ONk8JVt1T3DvmgmVLxtuo1wu1PkDtekZNtJPGuGzvt5TYDjGPwZzrkYdYazLow3NMCyrhV6oNm8sxuZCLxeyZdM83Q7xty5nM= toshio@puppet1.fedora.phx.redhat.com diff --git a/files/mod_wsgi/wsgi.conf b/files/mod_wsgi/wsgi.conf new file mode 100644 index 0000000000..6c32a15e93 --- /dev/null +++ b/files/mod_wsgi/wsgi.conf @@ -0,0 +1,14 @@ +LoadModule wsgi_module modules/mod_wsgi.so + +# Some apps, notably anything that uses hg, need these off +WSGIRestrictStdin Off +WSGIRestrictStdout Off + +# Put the socket somewhere writable +WSGISocketPrefix run/wsgi + +# Do not Optimize without stripping docstrings +WSGIPythonOptimize 0 + +# Set WSGIApplicationGroup to global +WSGIApplicationGroup %{GLOBAL} diff --git a/tasks/mirrorlist.yml b/tasks/mirrorlist.yml new file mode 100644 index 0000000000..8c3a07a7cf --- /dev/null +++ b/tasks/mirrorlist.yml @@ -0,0 +1,30 @@ +--- +# tasklist for setting up the mirrorlist app components +# install supervisor +# install mirrormanager +- name: install supervisor and mirrormanager + yum: pkg=$item state=installed + with_items: + - supervisor + - mirrormanager + tags: + - packages + +# create mirrormanager user +- name: add mirrormanager user - uid 441 + user: name=mirrormanager uid=441 state=present home=/home/mirrormanager createhome=yes system=yes + +# mirrormanager user ssh key(s) +- name: add authorized_keys for mirrormanager + authorized_key: key=$files/mirrorlist/mm-authorized_key user=mirrormanager state=present + +# install mirrorlist-server.conf apache config +- name: mirrorlist-server apache conf + copy: src=$files/mirrorlist/mirrorlist-server.conf dest=/etc/httpd/conf.d/mirrorlist-server.conf + notify: + - restart apache + tags: + - config + +# selinux policy - mirrormanager - put in place - for the sockfile +# diff --git a/tasks/mod_wsgi.yml b/tasks/mod_wsgi.yml new file mode 100644 index 0000000000..ffb2030746 --- /dev/null +++ b/tasks/mod_wsgi.yml @@ -0,0 +1,16 @@ +--- +# install mod_wsgi +- name: install mod_wsgi + yum: name=mod_wsgi state=installed + tags: + - packages + +- name: wsgi.conf + copy: src=$files/mod_wsgi/wsgi.conf dest=/etc/httpd/conf.d/wsgi.conf + notify: + - restart apache + tags: + - config + + +# hotfix: hash_randomization? - to httpd?